Asankhaya Sharma

Building reliable software systems can be hard and challenging. One way to increase the quality of software is to test it rigorously, another is to provide formal proof of correctness of programs. We work on tools and methods to enable developers to build software safely. [Research Statement]

Awards

• Safety Startup Award, World of Safety and Health Asia 2023 [video]
• ACM SIGSOFT Distinguished Paper Award, MSR 2020
• ACM SIGSOFT Top 10 Downloaded Articles, Software Engineering Notes, January 2015
• Bronze Medal at ACM Student Research Competition, ICSE 2014

Grants

• Automated Program Repair (2022-2027), Collaborator, funded by Ministry of Education, Singapore
• Uncovering Vulnerabilities in Machine Learning Frameworks via Software Composition Analysis and Directed Grammar-Based Fuzzing (October 2020 - March 2023), Co-PI, Amount 500,000 SGD, funded by National Satellite of Excellence in Trustworthy Software Systems (NSoE-TSS), Singapore
• DeepSense: Deep Media Sensing for Software API Recommendation (01/2020-01/2023), Collaborator, funded by Ministry of Education, Singapore
• Virtual Appliance for Software Verification Research (April 2014 - April 2015), PI, Amount 50,000 SGD, funded by Microsoft Azure for Research Award

Projects

• HIP/SLEEK Verification System
• Code Analysis Tool for .NET (CAT.NET 2.0)
• Platform for Remote Sensing using Mobile Smartphones (PRISM)

Patents

• Deidentifying code for cross-organization remediation knowledge , WIPO (PCT) Application Number WO2022103382A1 (2022) [pdf]
• Development pipeline integrated ongoing learning for assisted code remediation , WIPO (PCT) Application Number WO2022093250A1 (2022) [pdf]
• Open source vulnerability prediction with machine learning ensemble , USPTO Application Number 16/105,016 (2018) [pdf]
• Software vulnerability graph database , USPTO Application Number 16/050,109 (2018) [pdf]
• Open-source software vulnerability analysis , USPTO Application Number 16/050,050 (2018) [pdf]
• Signatures for software components , USPTO Application Number 14/506,490 (2014) [pdf]
• Displaying Content on Multiple Web Pages , USPTO Application Number 12/623,458 (2009) [pdf]

Publications

• Evaluating Pre-trained Language Models for Repairing API Misuses, 2023 [pdf]
• Automated Identification of Libraries from Vulnerability Data: Can We Do Better?, ICPC 2022 [pdf |code |video]
• HERMES: Using Commit-Issue Linking to Detect Vulnerability-Fixing Commits, SANER 2022 [pdf |code |video]
• Out of Sight, Out of Mind? How Vulnerable Dependencies Affect Open-Source Projects, ICSE 2022 and Empirical Software Engineering Journal 2021 [pdf |video]
• A Machine Learning Approach for Vulnerability Curation, MSR 2020 [pdf |pptx |video]
• Automating Continuous Planning in SAFe, RCoSE 2020 [pdf |code |pptx |video]
• Automated Identification of Libraries from Vulnerability Data, ICSE (SEIP) 2020 [pdf |pptx |video]
• The Dynamics of Software Composition Analysis, ASE (LBR) 2019 [pdf |poster]
• Efficient Static Checking of Library Updates, FSE 2018 [pdf]
• SGL: A domain-specific language for large-scale analysis of open-source code, SecDev 2018 [pdf]
• Automated Identification of Security Issues from Commit Messages and Bug Reports, FSE 2017 [pdf |poster]
• Specifying Compatible Sharing in Data Structures, ICFEM 2015 [pdf|pptx|tool]
• Certified Reasoning with Infinity, FM 2015 [pdf|code|tool]
• Certified Reasoning for Automated Verification, PhD Thesis, Department of Computer Science, NUS 2014 [pdf|pptx|pics]
• Verified Subtyping with Traits and Mixins, FSFMA 2014 [pdf|pptx|code|tool]
• Exploiting Undefined Behaviors for Efficient Symbolic Execution, ICSE (ACM-SRC) 2014 [pdf|code|poster|pptx|video]
• HIPimm: Verifying Granular Immutability Guarantees, PEPM 2014 [pdf|tool]
• A Refinement Calculus for Promela, ICECCS 2013 [pdf|pptx|code]
• Towards Complete Specifications with an Error Calculus, NASA Formal Methods 2013
• An Empirical Study of Path Feasibility Queries, CoRR 2013 [data]
• End to End Verification and Validation with SPIN, CoRR 2013 [data]
• A Critical Review of Dynamic Taint Analysis and Forward Symbolic Execution, Technical Report NUS 2012 [pdf|pptx|code]
• Building Extensible Parsers with Camlp4, Technical Report NUS 2011 [pdf|code]
• Towards a Verified Cardiac Pacemaker, Technical Report NUS 2010 [pdf|pptx|code]
• Cloud Based Document Delivery Service For Emerging Markets, ICSEM 2010 [pdf|pptx]
• PRISM: Platform for Remote Sensing using Smartphones, MobiSys 2010 [pdf]
• Revisiting Ontology Alignment in Web 2.0, Technical Report NITW 2009 [pdf]
• Detecting Intrusions in Databases, ICDM 2008 [pdf]
• DIDAR - Database Intrusion Detection with Automated Recovery, B.Tech Thesis NITW 2007 [pdf|ppt|tool]
• Dynamic Band Approach for LCS Calculation of Two Sequences, InCoB 2006 [pdf]
• Ontology Matching using Weighted Graphs, ICDIM 2006
• Heterogeneous Computational Grid - a p2p node based resource virtualization system, Technical Report NITW 2006 [pdf]
• Ontology Matching and Schema Integration Using Node Ranking, SWWS 2006 [pdf|ppt|tool]

last updated on 10-nov-23